Back to skill

Security audit

Codex Usage Widget

Security checks across malware telemetry and agentic risk

Overview

Available signals do not show malicious behavior, but the local artifacts could not be independently inspected in this sandbox, so users should review the install scripts before running them.

Before installing, read SKILL.md and any install.sh, uninstall.sh, or validation scripts to confirm the exact paths they read or modify, especially anything under ~/.codex. Proceed only if the widget installation behavior matches what you expect and the scripts do not access unrelated private files or credentials.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.